A Passive SSH back-end and scanner.
Passive SSH is an open source framework composed of a scanner and server to store and lookup the SSH keys and fingerprints per host (IPv4/IPv6/onion).
The key materials along fingerprints and hosts are stored in a fast-lookup database. The system provides an historical view of SSH keys seen but also common key materials reused on different IP addresses.
./install.sh
The ssh scanner can be used with a Tor proxy to scan a host or an hidden service.
Don’t forget to install the Tor proxy if you want to scan Tor hidden services: sudo apt-get install tor -y
Launch the redis and the tornado server:
./LAUNCH -l
A SSH scanner is included to scan small networks or internal infrastructure.
. ./PSSHENV/bin/activate
cd bin/
# Scan a host
./ssh_scan.py -t <host: 10.0.0.12>
# Scan a network range
./ssh_scan.py -r <network range: 10.0.0.0/8>
An API is available to query the Passive SSH server.
By default, the tornado server for Passive SSH is running on port 8500.
curl http://localhost:8500/banners
/stats
Return server staticstics:
/banners
Return all banners ordered by scores
/banner/hosts/<banner>
Get hosts by banner:
/keys/types
Return the list of all keys types
/host/ssh/<host>
Return host SSH metadata:
/host/history/<host>
Return the SSH history of an host
/fingerprints
Return all fingerprints ordered by scores
/fingerprint/all/<fingerprint>
Get hosts by fingerprint:
/fingerprint/type/<key_type>/<fingerprint>
Get hosts by type of key and fingerprint:
/hasshs
Return all hasshs ordered by scores
/hassh/hosts/<hassh>
Get hosts by hassh:
The software is free software/open source released under the GNU Affero General Public License version 3.